CVE-2023-3209 Information

Description

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks nonce checks or a combination of both.

Reference

https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c